VIRY.CZ

Přikládámlogy, prosím o kontrolu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by oldřich (administrator) on RAKETA (MSI MS-7641) (26-08-2021 17:02:01)
Running from C:\Users\oldřich\Downloads
Loaded Profiles: oldřich
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices) [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Bluestack Systems, Inc -> Bluestack System Inc.) C:\Program Files\BlueStacks\BstkSVC.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Player.exe <2>
(BlueStack Systems, Inc.) [File not signed] C:\Program Files\BlueStacks\Bluestacks.exe <3>
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(INTERNET PROJECT LLC -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(INTERNET PROJECT LLC -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Seznam.cz, a.s. -> ) C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Winthread Software) [File not signed] C:\Program Files\Windows Keylogger\conhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [123672 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [conhost] => C:\Program Files\Windows Keylogger\conhost.exe [627200 2016-01-19] (Winthread Software) [File not signed]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [204272 2018-10-10] (INTERNET PROJECT LLC -> )
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114012032 2021-07-20] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [upjers Home] => C:\Users\oldřich\AppData\Local\Programs\upjers-playground2\upjers Home.exe [105073896 2020-08-19] (upjers GmbH -> upjers GmbH)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [Opera Browser Assistant] => C:\Users\oldřich\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126296 2020-08-05] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1384328 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {14d7ca74-dfc9-11ea-8272-d43d7e5271ef} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e71b-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e88a-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {83ca1b5c-e576-11eb-8343-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2935BB9D-86BF-40A5-B062-D028E09A8D77} - System32\Tasks\CCleanerSkipUAC - oldřich => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2C607AEE-5E7E-426B-A8F9-CC727FC7F3D7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {4282C8F2-A2E1-43B6-ABB7-0A6208E9C41D} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [363400 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {561FDBC9-4D77-41B9-BA9E-D16A5F61394E} - System32\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5666AB83-26DA-49B3-B370-FC9B2178B955} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D961744-82F6-4AEC-BCF8-F6E3F0B62C83} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-25] (Adobe Inc. -> Adobe)
Task: {5DCC1D9D-37CE-4442-8708-6DF16821D838} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {624DC831-128A-421C-9674-49E4280C30FF} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {639CAEFC-A071-4F6F-AE9B-323AF24F0015} - System32\Tasks\Opera scheduled assistant Autoupdate 1592314214 => C:\Users\oldřich\AppData\Local\Programs\Opera\launcher.exe [3123408 2021-08-11] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\oldřich\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {79941511-C806-47AC-8B87-D2A8DFC91079} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {7F65DD54-C01A-4A7B-B6C0-46C80969AB9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-22] (Adobe Inc. -> Adobe)
Task: {993939E0-DA54-497D-9645-5761516B1F3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {CE2237A8-4F66-499E-AB4C-33C1C52D581D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {D086F73E-ED65-41AF-AF02-9A0E961E8E23} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-22] (Adobe Inc. -> Adobe)
Task: {D1962051-92BA-4BCA-A88A-82427BEDE832} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4902680 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
Task: {E1673A99-EDBD-4D1B-9EC5-953C8AF66E41} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {E84BD9CD-319D-4677-B59B-6EE194A32404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {EC3957C9-9BD6-4363-82E2-316AFD32A7AA} - System32\Tasks\Opera scheduled Autoupdate 1591799864 => C:\Users\oldřich\AppData\Local\Programs\Opera\launcher.exe [3123408 2021-08-11] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{832D3418-B880-4F00-86CD-1C65EC6DB039}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\oldřich\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-15]
Edge Notifications: Default -> hxxps://cz2.herozerogame.com

FireFox:
========
FF DefaultProfile: gde1uc3i.default
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default [2020-07-17]
FF Extension: (Seznam doplněk - Esko) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Seznam doplněk - Email) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-05]
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\ezjbdbhd.default-release [2021-08-26]
FF Homepage: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> hxxps://s1-cz.tanoth.gameforge.com/main/client/|hxxps://cz2.herozerogame.com/|about:addons
FF NetworkProxy: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> hxxps://cz2.herozerogame.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default [2021-08-26]
CHR Notifications: Default -> hxxps://cz2.herozerogame.com; hxxps://makro-cz.os.tc; hxxps://sip.denik.cz; hxxps://sk.pinterest.com; hxxps://www.idnes.cz; hxxps://www.levneletenky.org; hxxps://www.tipsport.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://cz2.herozerogame.com/#","hxxps://s1-cz.tanoth.gameforge.com/","hxxps://www.idnes.cz/"
CHR Extension: (Překladač Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14]
CHR Extension: (Disk Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-27]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2021-08-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-28]
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-15]
CHR HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

Opera:
=======
OPR Profile: C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable [2021-08-24]
OPR Notifications: Opera Stable -> hxxps://cz2.herozerogame.com; hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Translator) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-08-24]
OPR Extension: (Web Apps launcher for Google) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\enbkoenhcjpodcjhgmmdnpodhjgojokp [2020-07-08]
OPR Extension: (Rich Hints Agent) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-08-20]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (Install Chrome Extensions) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-07-08]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-08-15]
OPR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\pphjpkjjljnllpnebififokmoejkeahp [2021-06-21]

Vivaldi:
=======
VIV Profile: C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default [2021-08-15]
VIV Extension: (Seznam doplněk - Email) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-11-02]
VIV Extension: (Seznam doplněk - Esko) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-11-02]
VIV Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-22] (Adobe Inc. -> Adobe)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-04] (Advanced Micro Devices) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8262736 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [627480 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [374552 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-10-10] (INTERNET PROJECT LLC -> Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15856 2018-10-10] (INTERNET PROJECT LLC -> Ellora Assets Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13273104 2020-10-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [218976 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [367640 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250392 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [184648 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559816 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108408 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82904 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851704 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471920 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215392 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [328568 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
S3 athur; C:\Windows\system32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R2 BlueStacksDrv_arabica; C:\Program Files\BlueStacks_arabica\BstkDrv_arabica.sys [315952 2021-02-23] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-26 17:02 - 2021-08-26 17:04 - 000023416 _____ C:\Users\oldřich\Downloads\FRST.txt
2021-08-26 16:55 - 2021-08-26 17:03 - 000000000 ____D C:\FRST
2021-08-26 16:53 - 2021-08-26 16:53 - 002300928 _____ (Farbar) C:\Users\oldřich\Downloads\FRST64.exe
2021-08-19 01:53 - 2021-08-25 14:57 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - oldřich
2021-08-15 01:55 - 2021-08-15 01:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-08-14 17:43 - 2021-08-15 20:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-13 17:21 - 2021-08-13 17:21 - 013212440 _____ C:\Users\oldřich\Downloads\wink_installer (3).exe
2021-08-12 16:31 - 2021-08-12 16:31 - 000067383 _____ C:\Users\oldřich\Downloads\Keylogger 4.zip
2021-08-12 16:24 - 2021-08-12 16:24 - 005255403 _____ C:\Users\oldřich\Downloads\ksetup (1).zip
2021-08-11 12:15 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2021-08-11 12:15 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2021-08-08 05:10 - 2021-08-08 05:11 - 014286519 _____ C:\Users\oldřich\Downloads\Nepotvrzeno 863623.crdownload
2021-08-04 23:23 - 2021-08-04 23:23 - 000339736 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-08-04 23:23 - 2021-08-04 23:23 - 000215392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-08-03 20:22 - 2021-08-03 20:22 - 000000000 ____D C:\Users\oldřich\AppData\Local\Winthread_Software
2021-08-03 20:16 - 2021-08-26 17:03 - 000000000 __SHD C:\Program Files\Windows Keylogger
2021-08-03 20:16 - 2021-08-13 17:18 - 000000000 ____D C:\ProgramData\wink
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files\MSBuild
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-07-29 19:29 - 2021-07-29 19:29 - 001808739 _____ (winthread software ) C:\Users\oldřich\Downloads\wink_installer (2).exe
2021-07-29 15:51 - 2021-07-29 15:52 - 001808739 _____ (winthread software ) C:\Users\oldřich\Downloads\wink_installer (1).exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-26 16:42 - 2020-06-10 15:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-26 14:36 - 2020-06-11 01:58 - 000000406 _____ C:\Windows\Tasks\update-sys.job
2021-08-26 13:53 - 2020-10-16 12:46 - 000000000 ____D C:\Program Files\CCleaner
2021-08-26 13:43 - 2020-06-11 01:58 - 000000406 _____ C:\Windows\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001.job
2021-08-26 13:13 - 2020-06-10 15:21 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{9D31D5CA-EF01-4702-B69D-BA54BE3B04A1}
2021-08-25 14:57 - 2021-01-14 16:44 - 000003864 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-08-25 14:57 - 2021-01-13 14:07 - 000003354 _____ C:\Windows\system32\Tasks\AMD ThankingURL
2021-08-25 14:57 - 2021-01-13 14:05 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2021-08-25 14:57 - 2020-10-16 12:46 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-08-25 14:57 - 2020-10-16 12:46 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-08-25 14:57 - 2020-06-11 01:58 - 000003276 _____ C:\Windows\system32\Tasks\update-sys
2021-08-25 14:57 - 2020-06-11 01:58 - 000003258 _____ C:\Windows\system32\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001
2021-08-25 14:57 - 2020-06-10 23:15 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-25 14:57 - 2020-06-10 23:15 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-25 14:57 - 2020-06-10 19:23 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-25 14:57 - 2020-06-10 19:23 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-25 14:57 - 2020-06-10 16:37 - 000004058 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1591799864
2021-08-25 14:57 - 2020-06-10 15:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-08-24 21:23 - 2020-06-10 15:23 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1232733984-2448475865-4075963903-1001
2021-08-24 19:42 - 2020-07-17 20:45 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\Seznam.cz
2021-08-24 15:47 - 2020-06-10 15:19 - 000000000 ____D C:\Users\oldřich\OneDrive
2021-08-24 15:44 - 2020-06-21 22:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-24 15:44 - 2020-06-10 15:23 - 000000000 ____D C:\ProgramData\Avast Software
2021-08-24 15:44 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-08-22 13:55 - 2020-07-03 21:39 - 000000000 ____D C:\Windows\Minidump
2021-08-22 13:55 - 2020-06-10 15:05 - 000103936 ____N C:\Windows\Minidump\082221-18187-01.dmp
2021-08-21 12:29 - 2020-06-10 19:24 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-21 12:29 - 2020-06-10 19:24 - 000002200 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-21 00:49 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-08-19 13:48 - 2020-06-10 15:24 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-08-19 13:48 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-08-18 23:38 - 2020-06-10 23:15 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-18 23:38 - 2020-06-10 23:15 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-18 13:44 - 2021-05-26 10:48 - 000000000 ____D C:\Users\oldřich\AppData\Local\Avast Software
2021-08-17 15:37 - 2014-11-21 06:53 - 001748688 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-17 15:37 - 2014-11-21 06:10 - 000739580 _____ C:\Windows\system32\perfh005.dat
2021-08-17 15:37 - 2014-11-21 06:10 - 000151702 _____ C:\Windows\system32\perfc005.dat
2021-08-15 20:41 - 2020-06-11 13:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-15 01:58 - 2020-06-11 13:46 - 000000000 ____D C:\Users\oldřich\AppData\LocalLow\Mozilla
2021-08-15 01:56 - 2020-06-11 13:46 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-15 01:55 - 2020-06-12 05:59 - 000139776 ___SH C:\Users\oldřich\Desktop\Thumbs.db
2021-08-15 01:55 - 2020-06-11 13:46 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-15 01:49 - 2020-06-21 23:02 - 000000000 ____D C:\Users\oldřich\AppData\Local\CrashDumps
2021-08-15 01:46 - 2020-07-28 15:16 - 000667648 ___SH C:\Users\oldřich\Downloads\Thumbs.db
2021-08-14 12:06 - 2020-06-10 16:37 - 000001432 _____ C:\Users\oldřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-08-14 11:59 - 2020-06-10 15:25 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-08-12 13:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-08-11 15:29 - 2013-08-22 16:44 - 000386688 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-11 15:25 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-08-11 12:31 - 2020-06-10 16:19 - 000000000 ____D C:\Windows\system32\MRT
2021-08-11 12:26 - 2020-06-10 16:19 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-08-11 12:26 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-08-04 23:23 - 2020-10-13 14:11 - 000184648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000851704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000559816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000471920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000367640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000328568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000250392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000218976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000108408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000082904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-08-03 20:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-08-03 20:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\MUI
2021-07-29 16:16 - 2020-06-11 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Files in the root of some directories ========

2020-06-11 01:58 - 2020-06-11 01:58 - 000000003 _____ () C:\Users\oldřich\AppData\Local\updater.log
2020-07-25 12:04 - 2021-01-12 15:58 - 000000071 _____ () C:\Users\oldřich\AppData\Local\update_progress.txt
2020-06-11 01:58 - 2020-06-11 01:58 - 000000424 _____ () C:\Users\oldřich\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-08-20 12:20
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by oldřich (26-08-2021 17:05:44)
Running from C:\Users\oldřich\Downloads
Windows 8.1 (Update) (X64) (2020-06-10 13:11:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1232733984-2448475865-4075963903-500 - Administrator - Disabled)
Guest (S-1-5-21-1232733984-2448475865-4075963903-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1232733984-2448475865-4075963903-1003 - Limited - Enabled)
oldřich (S-1-5-21-1232733984-2448475865-4075963903-1001 - Administrator - Enabled) => C:\Users\oldřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (HKLM\...\{E41DBD59-18EC-BB7B-A605-0A4CC449A599}) (Version: 2017.0704.1801.49 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Any Video Converter 7.1.0 (HKLM-x32\...\Any Video Converter) (Version: 7.1.0 - Anvsoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
BlueStacks 5 Beta (HKLM\...\BlueStacks_arabica) (Version: 5.0.0.7228 - BlueStack Systems, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.0.1022 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.84 - Piriform)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.78 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0 (x64 cs)) (Version: 91.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.9.0 - Mozilla)
Mozilla Thunderbird 78.10.0 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.10.0 (x64 cs)) (Version: 78.10.0 - Mozilla)
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero MediaHome verze 1.5 (HKLM-x32\...\Nero MediaHome_is1) (Version: 1.5 - )
Nox App Player verze 1.5 (HKLM-x32\...\Nox App Player_is1) (Version: 1.5 - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Opera Stable 78.0.4093.147 (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Opera 78.0.4093.147) (Version: 78.0.4093.147 - Opera Software)
Seznam Software (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Skype verze 8.74 (HKLM-x32\...\Skype_is1) (Version: 8.74 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.11.6 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
upjers Home 2.1.64 (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\{e2446448-09eb-5b1b-84b1-6746557362e3}) (Version: 2.1.64 - upjers GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
win8codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.4.0 - Shark007)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

Packages:
=========
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2020-06-11] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-05-25 19:04 - 2017-05-25 19:04 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-03-17 15:09 - 2020-10-07 23:33 - 099684864 _____ () [File not signed] C:\ProgramData\BlueStacks\CefData\libcef.dll
2021-08-03 20:16 - 2014-03-12 17:47 - 000278528 ___SH (hxxp://system.data.sqlite.org/) [File not signed] [File is in use] C:\Program Files\Windows Keylogger\System.Data.SQLite.dll
2021-08-03 20:16 - 2014-03-12 17:47 - 001126912 ___SH (Robert Simpson, et al.) [File not signed] C:\Program Files\Windows Keylogger\x64\SQLite.Interop.dll
2021-03-17 15:09 - 2020-10-07 23:33 - 000564736 _____ (The Chromium Authors) [File not signed] C:\ProgramData\BlueStacks\CefData\chrome_elf.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-05-25 19:04 - 2017-05-25 19:04 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13554
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://cz2.herozerogame.com/
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {022CF883-3558-43DB-8AED-09121BE2182E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {201B8636-521D-4372-97C4-2DE4A5C95134} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {51C160AA-C928-4438-A19A-8F8B0CE4EBF5} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {599E34A9-7282-44D5-96E7-B3CF226FB774} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {7C46D962-7C33-4E93-99E0-77710DF5ED19} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {B17287DB-F76F-4F7E-A544-96CB55F2EEE4} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {DC2B1D7B-90C9-4F9F-B4C2-52DB70EB829B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {E5F6B98D-7EEA-484A-B7AE-D1F147489EEF} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {F2B8B33A-9075-4332-9836-F4730F68268F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\oldřich\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_20160830_155631.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\StartupApproved\Run: => "upjers Home"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCCB3323-AB5A-40A6-9014-9577A81501E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{706D6B0B-C362-402A-A0ED-EDBAA76D3B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{77905B17-BB9A-494D-9FC2-76E11E5EA622}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A4D1068E-96CE-4B14-8724-260B487C674B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{CDB97009-D93F-4D41-8463-14BB57A4F6C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B58628A7-C6A6-4E9D-8A90-3004A1A1460C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9AB02844-9CD2-4562-A30C-99CB956774DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{772A242A-5832-418D-8A99-1DB93ED6433B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BBEB9110-6D6E-4201-96F1-7E37E1596063}] => (Allow) C:\Program Files\BlueStacks_arabica\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems)
FirewallRules: [{EF61F43A-CBE0-431A-B605-EE9345AABFC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D42AF646-7B62-4AE5-B8C1-1035F6CB7B69}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D54BF45-A261-4407-A928-FD58A25E1A7A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EBD72954-00A5-4F48-8157-79680A2F9601}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1B0EAFDB-AB6B-4A28-B307-8B65B53C4CC6}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{3237C765-BF24-4EB9-9115-9F4D6C658396}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{D5BD37FC-B439-4CC8-B416-E44E9EE1E135}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{7000D18E-80C1-48CB-A9EF-FE0A0E19AE80}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6437D7BA-B08D-4804-A506-92FE99A776E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-08-2021 20:10:26 Instalační služba modulů systému Windows
11-08-2021 12:20:38 Windows Update
20-08-2021 12:22:07 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/23/2021 03:12:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 103c

Čas spuštění: 01d79759dda84979

Čas ukončení: 290

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: bcc91207-0413-11ec-8355-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/20/2021 04:43:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2194

Čas spuštění: 01d79521aa162a17

Čas ukončení: 40

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 564a099b-0160-11ec-8352-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 01:56:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 18e0

Čas spuštění: 01d794f10b15e279

Čas ukončení: 3

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 7283d039-00e4-11ec-8352-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 01:37:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2200

Čas spuštění: 01d7947ecc21dbda

Čas ukončení: 9

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 4b16c5a6-007d-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 12:17:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.131 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 12e8

Čas spuštění: 01d7943862e3639e

Čas ukončení: 11

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: e1142745-0071-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/18/2021 03:21:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.131 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1a6c

Čas spuštění: 01d7942d4729e075

Čas ukončení: 10

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 3b4f07f5-0027-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/15/2021 08:44:07 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/15/2021 08:44:07 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (08/26/2021 05:06:41 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:06:27 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:06:11 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:04:11 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:04:11 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:03:04 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:03:00 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 05:02:26 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.


Windows Defender:
================
Date: 2020-06-10 22:45:09.405
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0

Date: 2020-06-10 16:29:19.000
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.17100.2
Předchozí verze modulu: 1.1.9700.0
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x8050800c
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2020-06-10 15:46:33.661
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V17.11 10/31/2012
Motherboard: MSI 760GM-P34(FX) (MS-7641)
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 95%
Total physical RAM: 8191.18 MB
Available physical RAM: 399 MB
Total Virtual: 16383.18 MB
Available Virtual: 5068.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:540.89 GB) (Free:407.16 GB) NTFS
Drive d: () (Fixed) (Total:390.28 GB) (Free:389.65 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB)

\\?\Volume{17498778-ab1b-11ea-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 21B252CA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-26-2021
# Duration: 00:00:16
# OS: Windows 8.1
# Scanned: 31990
# Detected: 15


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\oldřich\AppData\Local\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\oldřich\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.FreeMakeConverter HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.FreeMakeConverter HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Položky, které ADW nalezl, smažte (dejte do karantény), restartujte a dejte pak nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by oldřich (administrator) on RAKETA (MSI MS-7641) (26-08-2021 20:22:38)
Running from C:\Users\oldřich\Downloads
Loaded Profiles: oldřich
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices) [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(INTERNET PROJECT LLC -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Winthread Software) [File not signed] C:\Program Files\Windows Keylogger\conhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [123672 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [conhost] => C:\Program Files\Windows Keylogger\conhost.exe [627200 2016-01-19] (Winthread Software) [File not signed]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [upjers Home] => C:\Users\oldřich\AppData\Local\Programs\upjers-playground2\upjers Home.exe [105073896 2020-08-19] (upjers GmbH -> upjers GmbH)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [Opera Browser Assistant] => C:\Users\oldřich\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126296 2020-08-05] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1384328 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {14d7ca74-dfc9-11ea-8272-d43d7e5271ef} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e71b-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e88a-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {83ca1b5c-e576-11eb-8343-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2935BB9D-86BF-40A5-B062-D028E09A8D77} - System32\Tasks\CCleanerSkipUAC - oldřich => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4282C8F2-A2E1-43B6-ABB7-0A6208E9C41D} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [363400 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {561FDBC9-4D77-41B9-BA9E-D16A5F61394E} - System32\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5666AB83-26DA-49B3-B370-FC9B2178B955} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5D961744-82F6-4AEC-BCF8-F6E3F0B62C83} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-25] (Adobe Inc. -> Adobe)
Task: {5DCC1D9D-37CE-4442-8708-6DF16821D838} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {624DC831-128A-421C-9674-49E4280C30FF} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {639CAEFC-A071-4F6F-AE9B-323AF24F0015} - System32\Tasks\Opera scheduled assistant Autoupdate 1592314214 => C:\Users\oldřich\AppData\Local\Programs\Opera\launcher.exe [3123408 2021-08-11] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\oldřich\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {79941511-C806-47AC-8B87-D2A8DFC91079} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {7F65DD54-C01A-4A7B-B6C0-46C80969AB9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-22] (Adobe Inc. -> Adobe)
Task: {993939E0-DA54-497D-9645-5761516B1F3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {AC93EB04-FEA8-4401-A21D-24F72C01BE65} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {CE2237A8-4F66-499E-AB4C-33C1C52D581D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {D086F73E-ED65-41AF-AF02-9A0E961E8E23} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-22] (Adobe Inc. -> Adobe)
Task: {D1962051-92BA-4BCA-A88A-82427BEDE832} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4902680 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
Task: {E1673A99-EDBD-4D1B-9EC5-953C8AF66E41} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {E84BD9CD-319D-4677-B59B-6EE194A32404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {EC3957C9-9BD6-4363-82E2-316AFD32A7AA} - System32\Tasks\Opera scheduled Autoupdate 1591799864 => C:\Users\oldřich\AppData\Local\Programs\Opera\launcher.exe [3123408 2021-08-11] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{832D3418-B880-4F00-86CD-1C65EC6DB039}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\oldřich\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-26]

FireFox:
========
FF DefaultProfile: gde1uc3i.default
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default [2020-07-17]
FF Extension: (Seznam doplněk - Esko) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Seznam doplněk - Email) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\gde1uc3i.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-05]
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\ezjbdbhd.default-release [2021-08-26]
FF Homepage: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> hxxps://s1-cz.tanoth.gameforge.com/main/client/|hxxps://cz2.herozerogame.com/|about:addons
FF NetworkProxy: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\ezjbdbhd.default-release -> hxxps://cz2.herozerogame.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-10-25] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default [2021-08-26]
CHR Notifications: Default -> hxxps://cz2.herozerogame.com; hxxps://makro-cz.os.tc; hxxps://sip.denik.cz; hxxps://sk.pinterest.com; hxxps://www.idnes.cz; hxxps://www.levneletenky.org; hxxps://www.tipsport.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://cz2.herozerogame.com/#","hxxps://s1-cz.tanoth.gameforge.com/","hxxps://www.idnes.cz/"
CHR Extension: (Překladač Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14]
CHR Extension: (Disk Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-27]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2021-08-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-28]
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-26]
CHR HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

Opera:
=======
OPR Profile: C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable [2021-08-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Translator) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-08-26]
OPR Extension: (Web Apps launcher for Google) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\enbkoenhcjpodcjhgmmdnpodhjgojokp [2020-07-08]
OPR Extension: (Rich Hints Agent) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-08-20]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (Install Chrome Extensions) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-07-08]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-08-15]
OPR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Roaming\Opera Software\Opera Stable\Extensions\pphjpkjjljnllpnebififokmoejkeahp [2021-06-21]

Vivaldi:
=======
VIV Profile: C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default [2021-08-26]
VIV Extension: (Seznam doplněk - Email) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-11-02]
VIV Extension: (Seznam doplněk - Esko) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-11-02]
VIV Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-22] (Adobe Inc. -> Adobe)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-04] (Advanced Micro Devices) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8262736 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [627480 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [374552 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-10-10] (INTERNET PROJECT LLC -> Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15856 2018-10-10] (INTERNET PROJECT LLC -> Ellora Assets Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13271336 2021-08-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [218976 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [367640 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250392 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [184648 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559816 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108408 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82904 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851704 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [471920 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215392 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [328568 2021-08-04] (Avast Software s.r.o. -> AVAST Software)
S3 athur; C:\Windows\system32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R2 BlueStacksDrv_arabica; C:\Program Files\BlueStacks_arabica\BstkDrv_arabica.sys [315952 2021-02-23] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-26 18:28 - 2021-08-26 20:07 - 000000000 ____D C:\AdwCleaner
2021-08-26 18:26 - 2021-08-26 18:26 - 008553680 _____ (Malwarebytes) C:\Users\oldřich\Downloads\adwcleaner_8.3.0 (1).exe
2021-08-26 18:25 - 2021-08-26 18:25 - 008553680 _____ (Malwarebytes) C:\Users\oldřich\Downloads\adwcleaner_8.3.0.exe
2021-08-26 18:14 - 2021-08-26 18:14 - 000000000 ____D C:\Windows\LastGood.Tmp
2021-08-26 17:59 - 2021-08-26 18:00 - 000000000 ____D C:\Program Files\Recuva
2021-08-26 17:59 - 2021-08-26 17:59 - 000001736 _____ C:\Users\Public\Desktop\Defraggler.lnk
2021-08-26 17:59 - 2021-08-26 17:59 - 000001670 _____ C:\Users\Public\Desktop\Recuva.lnk
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2021-08-26 17:59 - 2021-08-26 17:59 - 000000000 ____D C:\Program Files\Defraggler
2021-08-26 17:45 - 2021-08-26 17:46 - 000000000 ____D C:\Users\oldřich\Downloads\ACC
2021-08-26 17:42 - 2021-08-26 17:42 - 043255135 _____ C:\Users\oldřich\Downloads\CCleaner Professional Plus v5.83 + Fix {CracksHash}.zip
2021-08-26 17:05 - 2021-08-26 17:08 - 000031072 _____ C:\Users\oldřich\Downloads\Addition.txt
2021-08-26 17:02 - 2021-08-26 20:24 - 000021913 _____ C:\Users\oldřich\Downloads\FRST.txt
2021-08-26 16:55 - 2021-08-26 20:23 - 000000000 ____D C:\FRST
2021-08-26 16:53 - 2021-08-26 16:53 - 002300928 _____ (Farbar) C:\Users\oldřich\Downloads\FRST64.exe
2021-08-19 01:53 - 2021-08-25 14:57 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - oldřich
2021-08-15 01:55 - 2021-08-15 01:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-08-14 17:43 - 2021-08-15 20:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-13 17:21 - 2021-08-13 17:21 - 013212440 _____ C:\Users\oldřich\Downloads\wink_installer (3).exe
2021-08-12 16:31 - 2021-08-12 16:31 - 000067383 _____ C:\Users\oldřich\Downloads\Keylogger 4.zip
2021-08-12 16:24 - 2021-08-12 16:24 - 005255403 _____ C:\Users\oldřich\Downloads\ksetup (1).zip
2021-08-11 12:15 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2021-08-11 12:15 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2021-08-08 05:10 - 2021-08-08 05:11 - 014286519 _____ C:\Users\oldřich\Downloads\Nepotvrzeno 863623.crdownload
2021-08-04 23:23 - 2021-08-04 23:23 - 000339736 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-08-04 23:23 - 2021-08-04 23:23 - 000215392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-08-03 20:22 - 2021-08-03 20:22 - 000000000 ____D C:\Users\oldřich\AppData\Local\Winthread_Software
2021-08-03 20:16 - 2021-08-26 20:23 - 000000000 __SHD C:\Program Files\Windows Keylogger
2021-08-03 20:16 - 2021-08-13 17:18 - 000000000 ____D C:\ProgramData\wink
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files\MSBuild
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-08-03 20:14 - 2021-08-03 20:14 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-07-29 19:29 - 2021-07-29 19:29 - 001808739 _____ (winthread software ) C:\Users\oldřich\Downloads\wink_installer (2).exe
2021-07-29 15:51 - 2021-07-29 15:52 - 001808739 _____ (winthread software ) C:\Users\oldřich\Downloads\wink_installer (1).exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-26 20:21 - 2020-10-16 12:46 - 000000000 ____D C:\Program Files\CCleaner
2021-08-26 20:20 - 2020-06-10 15:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-26 20:20 - 2020-06-10 15:19 - 000000000 ____D C:\Users\oldřich\OneDrive
2021-08-26 20:13 - 2020-06-21 22:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-26 20:13 - 2020-06-10 15:23 - 000000000 ____D C:\ProgramData\Avast Software
2021-08-26 20:12 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-08-26 20:12 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-08-26 20:11 - 2020-06-10 15:24 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-08-26 19:21 - 2020-06-10 15:21 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{9D31D5CA-EF01-4702-B69D-BA54BE3B04A1}
2021-08-26 18:36 - 2020-06-11 01:58 - 000000406 _____ C:\Windows\Tasks\update-sys.job
2021-08-26 18:14 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-08-26 18:12 - 2020-06-10 15:23 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1232733984-2448475865-4075963903-1001
2021-08-26 18:09 - 2020-06-11 20:16 - 000001326 _____ C:\Users\Public\Desktop\Skype.lnk
2021-08-26 18:09 - 2020-06-11 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-08-26 18:08 - 2020-06-12 05:59 - 000139776 ___SH C:\Users\oldřich\Desktop\Thumbs.db
2021-08-26 18:07 - 2020-10-28 04:12 - 000001086 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-08-26 18:06 - 2020-07-03 21:39 - 000000000 ____D C:\Windows\Minidump
2021-08-26 18:04 - 2021-05-26 10:48 - 000000000 ____D C:\Users\oldřich\AppData\Local\Avast Software
2021-08-26 17:57 - 2020-10-16 12:46 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-08-26 17:57 - 2020-10-16 12:46 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-08-26 17:43 - 2020-06-11 01:58 - 000000406 _____ C:\Windows\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001.job
2021-08-25 14:57 - 2021-01-14 16:44 - 000003864 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-08-25 14:57 - 2021-01-13 14:07 - 000003354 _____ C:\Windows\system32\Tasks\AMD ThankingURL
2021-08-25 14:57 - 2021-01-13 14:05 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2021-08-25 14:57 - 2020-10-16 12:46 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-08-25 14:57 - 2020-06-11 01:58 - 000003276 _____ C:\Windows\system32\Tasks\update-sys
2021-08-25 14:57 - 2020-06-11 01:58 - 000003258 _____ C:\Windows\system32\Tasks\update-S-1-5-21-1232733984-2448475865-4075963903-1001
2021-08-25 14:57 - 2020-06-10 23:15 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-25 14:57 - 2020-06-10 23:15 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-25 14:57 - 2020-06-10 19:23 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-25 14:57 - 2020-06-10 19:23 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-25 14:57 - 2020-06-10 16:37 - 000004058 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1591799864
2021-08-25 14:57 - 2020-06-10 15:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-08-21 12:29 - 2020-06-10 19:24 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-21 12:29 - 2020-06-10 19:24 - 000002200 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-18 23:38 - 2020-06-10 23:15 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-18 23:38 - 2020-06-10 23:15 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-17 15:37 - 2014-11-21 06:53 - 001748688 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-17 15:37 - 2014-11-21 06:10 - 000739580 _____ C:\Windows\system32\perfh005.dat
2021-08-17 15:37 - 2014-11-21 06:10 - 000151702 _____ C:\Windows\system32\perfc005.dat
2021-08-15 20:41 - 2020-06-11 13:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-15 01:58 - 2020-06-11 13:46 - 000000000 ____D C:\Users\oldřich\AppData\LocalLow\Mozilla
2021-08-15 01:56 - 2020-06-11 13:46 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-15 01:55 - 2020-06-11 13:46 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-15 01:49 - 2020-06-21 23:02 - 000000000 ____D C:\Users\oldřich\AppData\Local\CrashDumps
2021-08-15 01:46 - 2020-07-28 15:16 - 000667648 ___SH C:\Users\oldřich\Downloads\Thumbs.db
2021-08-14 12:06 - 2020-06-10 16:37 - 000001432 _____ C:\Users\oldřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-08-14 11:59 - 2020-06-10 15:25 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-08-12 13:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-08-11 15:29 - 2013-08-22 16:44 - 000386688 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-11 15:25 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-08-11 12:31 - 2020-06-10 16:19 - 000000000 ____D C:\Windows\system32\MRT
2021-08-11 12:26 - 2020-06-10 16:19 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-08-11 12:26 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-08-04 23:23 - 2020-10-13 14:11 - 000184648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000851704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000559816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000471920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000367640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000328568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000250392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000218976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000108408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000082904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-08-04 23:23 - 2020-06-10 15:25 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-08-03 20:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-08-03 20:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\MUI

==================== Files in the root of some directories ========

2020-06-11 01:58 - 2020-06-11 01:58 - 000000003 _____ () C:\Users\oldřich\AppData\Local\updater.log
2020-07-25 12:04 - 2021-01-12 15:58 - 000000071 _____ () C:\Users\oldřich\AppData\Local\update_progress.txt
2020-06-11 01:58 - 2020-06-11 01:58 - 000000424 _____ () C:\Users\oldřich\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-08-20 12:20
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by oldřich (26-08-2021 20:24:44)
Running from C:\Users\oldřich\Downloads
Windows 8.1 (Update) (X64) (2020-06-10 13:11:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1232733984-2448475865-4075963903-500 - Administrator - Disabled)
Guest (S-1-5-21-1232733984-2448475865-4075963903-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1232733984-2448475865-4075963903-1003 - Limited - Enabled)
oldřich (S-1-5-21-1232733984-2448475865-4075963903-1001 - Administrator - Enabled) => C:\Users\oldřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (HKLM\...\{E41DBD59-18EC-BB7B-A605-0A4CC449A599}) (Version: 2017.0704.1801.49 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Any Video Converter 7.1.0 (HKLM-x32\...\Any Video Converter) (Version: 7.1.0 - Anvsoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
BlueStacks 5 Beta (HKLM\...\BlueStacks_arabica) (Version: 5.0.0.7228 - BlueStack Systems, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.0.1022 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.78 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 91.0 (x64 cs)) (Version: 91.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.9.0 - Mozilla)
Mozilla Thunderbird 78.10.0 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.10.0 (x64 cs)) (Version: 78.10.0 - Mozilla)
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero MediaHome verze 1.5 (HKLM-x32\...\Nero MediaHome_is1) (Version: 1.5 - )
Nox App Player verze 1.5 (HKLM-x32\...\Nox App Player_is1) (Version: 1.5 - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Opera Stable 78.0.4093.147 (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\Opera 78.0.4093.147) (Version: 78.0.4093.147 - Opera Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Skype verze 8.75 (HKLM-x32\...\Skype_is1) (Version: 8.75 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.21.4 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
upjers Home 2.1.64 (HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\{e2446448-09eb-5b1b-84b1-6746557362e3}) (Version: 2.1.64 - upjers GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
win8codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.4.0 - Shark007)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

Packages:
=========
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2020-07-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2020-06-11] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-08-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-06-11 20:16 - 2021-08-10 08:59 - 002546176 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-06-11 20:16 - 2021-08-10 08:59 - 000359936 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-06-11 20:16 - 2021-08-10 08:59 - 006861312 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2021-08-03 20:16 - 2014-03-12 17:47 - 000278528 ___SH (hxxp://system.data.sqlite.org/) [File not signed] [File is in use] C:\Program Files\Windows Keylogger\System.Data.SQLite.dll
2021-08-03 20:16 - 2014-03-12 17:47 - 001126912 ___SH (Robert Simpson, et al.) [File not signed] C:\Program Files\Windows Keylogger\x64\SQLite.Interop.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-05-25 19:03 - 2017-05-25 19:03 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13554
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://cz2.herozerogame.com/
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {022CF883-3558-43DB-8AED-09121BE2182E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {201B8636-521D-4372-97C4-2DE4A5C95134} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {51C160AA-C928-4438-A19A-8F8B0CE4EBF5} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {599E34A9-7282-44D5-96E7-B3CF226FB774} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {7C46D962-7C33-4E93-99E0-77710DF5ED19} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {B17287DB-F76F-4F7E-A544-96CB55F2EEE4} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {DC2B1D7B-90C9-4F9F-B4C2-52DB70EB829B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {E5F6B98D-7EEA-484A-B7AE-D1F147489EEF} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-1232733984-2448475865-4075963903-1001 -> {F2B8B33A-9075-4332-9836-F4730F68268F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\oldřich\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_20160830_155631.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\StartupApproved\Run: => "upjers Home"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCCB3323-AB5A-40A6-9014-9577A81501E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{706D6B0B-C362-402A-A0ED-EDBAA76D3B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{77905B17-BB9A-494D-9FC2-76E11E5EA622}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A4D1068E-96CE-4B14-8724-260B487C674B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{BBEB9110-6D6E-4201-96F1-7E37E1596063}] => (Allow) C:\Program Files\BlueStacks_arabica\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems)
FirewallRules: [{EF61F43A-CBE0-431A-B605-EE9345AABFC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D42AF646-7B62-4AE5-B8C1-1035F6CB7B69}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1B0EAFDB-AB6B-4A28-B307-8B65B53C4CC6}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{3237C765-BF24-4EB9-9115-9F4D6C658396}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{D5BD37FC-B439-4CC8-B416-E44E9EE1E135}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{7000D18E-80C1-48CB-A9EF-FE0A0E19AE80}C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\oldřich\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6437D7BA-B08D-4804-A506-92FE99A776E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3F7C5E11-BE3D-4A80-B0B7-6A481A5579C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CC51160-906E-4963-BCC9-A1FCC6978D36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3D39D971-586E-4758-8553-8474FC3AD5EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{17EB7673-9E24-48EF-9686-17ACE7E9E0A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{555FF9FE-9795-45E3-966E-72D2DA7FE6EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46C4003C-7861-4F1C-B9FD-AAA78B7A07DE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

03-08-2021 20:10:26 Instalační služba modulů systému Windows
11-08-2021 12:20:38 Windows Update
20-08-2021 12:22:07 Naplánovaný kontrolní bod
26-08-2021 18:09:49 Piriform Driver Updater - Update 9.0.0.9910

==================== Faulty Device Manager Devices ============

Name: Vstupní zařízení USB
Description: Vstupní zařízení USB
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service: HidUsb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/26/2021 06:22:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2174

Čas spuštění: 01d79a964a319db6

Čas ukončení: 4

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: c6e88caa-0689-11ec-8357-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/26/2021 06:09:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {d214cf26-7fea-4c93-b1d0-b44da3955f89}

Error: (08/23/2021 03:12:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 103c

Čas spuštění: 01d79759dda84979

Čas ukončení: 290

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: bcc91207-0413-11ec-8355-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/20/2021 04:43:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2194

Čas spuštění: 01d79521aa162a17

Čas ukončení: 40

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 564a099b-0160-11ec-8352-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 01:56:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 18e0

Čas spuštění: 01d794f10b15e279

Čas ukončení: 3

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 7283d039-00e4-11ec-8352-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 01:37:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.159 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2200

Čas spuštění: 01d7947ecc21dbda

Čas ukončení: 9

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 4b16c5a6-007d-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/19/2021 12:17:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.131 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 12e8

Čas spuštění: 01d7943862e3639e

Čas ukončení: 11

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: e1142745-0071-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/18/2021 03:21:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 92.0.4515.131 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1a6c

Čas spuštění: 01d7942d4729e075

Čas ukončení: 10

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 3b4f07f5-0027-11ec-8351-d43d7e5271ef

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (08/26/2021 08:13:33 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 08:13:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (08/26/2021 08:10:43 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 08:10:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/26/2021 08:07:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/26/2021 08:07:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Nero Update byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/26/2021 08:07:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FreemakeVideoCapture byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/26/2021 08:07:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2020-06-10 22:45:09.405
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0

Date: 2020-06-10 16:29:19.000
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.17100.2
Předchozí verze modulu: 1.1.9700.0
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x8050800c
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2020-06-10 15:46:33.661
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V17.11 10/31/2012
Motherboard: MSI 760GM-P34(FX) (MS-7641)
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 27%
Total physical RAM: 8191.18 MB
Available physical RAM: 5903.95 MB
Total Virtual: 16383.18 MB
Available Virtual: 13662.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:540.89 GB) (Free:406.01 GB) NTFS
Drive d: () (Fixed) (Total:390.28 GB) (Free:389.65 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB)

\\?\Volume{17498778-ab1b-11ea-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 21B252CA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {14d7ca74-dfc9-11ea-8272-d43d7e5271ef} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e71b-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e88a-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {83ca1b5c-e576-11eb-8343-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CE2237A8-4F66-499E-AB4C-33C1C52D581D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {E84BD9CD-319D-4677-B59B-6EE194A32404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte do C:\Users\oldřich\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by oldřich (26-08-2021 23:24:19) Run:1
Running from C:\Users\oldřich\Downloads
Loaded Profiles: oldřich
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {14d7ca74-dfc9-11ea-8272-d43d7e5271ef} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e71b-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {30e6e88a-9534-11eb-8316-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\...\MountPoints2: {83ca1b5c-e576-11eb-8343-d43d7e5271ef} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CE2237A8-4F66-499E-AB4C-33C1C52D581D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
Task: {E84BD9CD-319D-4677-B59B-6EE194A32404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-10] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

*****************

Processes closed successfully.
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14d7ca74-dfc9-11ea-8272-d43d7e5271ef} => removed successfully
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30e6e71b-9534-11eb-8316-d43d7e5271ef} => removed successfully
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30e6e88a-9534-11eb-8316-d43d7e5271ef} => removed successfully
HKU\S-1-5-21-1232733984-2448475865-4075963903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83ca1b5c-e576-11eb-8343-d43d7e5271ef} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE2237A8-4F66-499E-AB4C-33C1C52D581D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE2237A8-4F66-499E-AB4C-33C1C52D581D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E84BD9CD-319D-4677-B59B-6EE194A32404}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E84BD9CD-319D-4677-B59B-6EE194A32404}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31952162 B
Java, Flash, Steam htmlcache => 25744145 B
Windows/system/drivers => 35017 B
Edge => 0 B
Chrome => 22867422 B
Vivaldi => 139264 B
Firefox => 11211190 B
Opera => 6111898 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 374609 B
systemprofile32 => 463492 B
LocalService => 464316 B
NetworkService => 464316 B
oldřich => 39458913 B

RecycleBin => 0 B
EmptyTemp: => 140.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:24:48 ====

Smazáno. Nastala nějaká změna?

Ano nastala, PC začalo zpomalovat a komolit psaní, takže, když chci napsat nějaké heslo, píšu ho několikrát je to děsné.

Za to ale nemůže čištění FRST. Zkuste obnovu systému k datu, kdy korektně fungoval.

mám jen několik dní staré zálohy a myslím, že závada trvá již déle, tak to vidím na přeinstalaci ? Už jsem si stáhnul instalačku win 10. Jen doufám, že půjdou nainstalovat s heslem od win 8, jednou to již šlo, když to bylo zdarma, tak doufám, že se zadaří na staré heslo i nyní?

Obhávám se, že teď už to nefunguje, ale zkusit to můžete. Také můžete zkusit opravu systému pomocí WindowsRepair: https://www.slunecnice.cz/sw/windows-repair/ .

děkuji za snahu pomoci, téma bych zatím uzavřel, jestli souhlasíte, když něco, doufám, že se mohu opět obrátit na Vás

Nemáte zač a obrátit se na nás samozřejmě můžete!